Police warn students to avoid science website

Police are warning UK students against using “Russian based website” Sci-Hub that allegedly allows users to illegally access millions of scientific research papers.

The concern is not only around the illegal access to papers. The Intellectual Property Crime Unit within the City of London Police have stated that using the website can pose a threat to the personal data of students.

City of London Police's Cyber Protection Officer, Max Bruce, has advised universities to block the potentially malicious website from their networks due to the threat posed. Bruce stated "If you're tricked into revealing your log-in credentials, whether it's through the use of fake emails or malware, we know that Sci-Hub will then use those details to compromise your university's computer network in order to steal research papers."
WARNING: National Insurance scam leads to surge in calls to Action Fraud

Action Fraud has seen an increase of over 34,000 calls regarding National Insurance scams last month compared to February of last year. Those targeted by this vishing scam have reported receiving an automated telephone call stating that their “National Insurance number has been compromised” and are then prompted to “press one on their handset to be connected to the caller.” The malicious caller will then try to convince the victim to share personal details with the promise of receiving a new National Insurance number.  In actual fact, the unsuspecting victim will have been conversing with a criminal who may then use their personal information to commit fraud.

The Head of Action Fraud, Pauline Smith, has asked the public to “remain vigilant and be cautious of any automated calls they receive mentioning their National Insurance number becoming compromised” she also stated that “even confirming personal details, such as your email address, date of birth or mother’s maiden name, can be used by criminals to commit fraud. If you have any doubts about what is being asked of you, hang up the phone. No legitimate organisation will rush or pressure you.”
NHS boss's Twitter accounts hacked by PS5 scammers

Helen Bevan, a NHS Horizons Chief Transformation Officer, has had two of her Twitter accounts, amounting to almost 140,000 followers, hacked by malicious actors who utilised them to promote fake PlayStation 5 sales. Ms Bevan also paid money to an individual who claimed they could help but that person turned out to be a fraudster as well.

Fortunately, she now has her accounts back but has been met with dozens of messages from individuals who fell victim to the scam. Ms Bevan wrongly thought she had activated 2FA (two-factor authentication). Not having 2 FA meant that the hackers could simply change the email address and phone number linked her accounts once they had found her password.

Find out more about setting up 2FA on the NCSC website here
Computer Software Service Fraud

What is Computer Software Service Fraud?
Computer Software Service Fraud occurs when criminal masquerades as a legitimate company and contacts you regarding your computer. This type of fraud can encompass anything from fake ‘Computer Software Tech Support’ calls, to fraudsters claiming that they need your bank detail to ‘validate software’ or even calls from criminals claiming to be you ISP (internet service provider). Our police forces in the West Midlands receive crime reports for these offences on a regular basis so it's important that we highlight ways to protect yourself and your loved ones from falling victim to a fraudster. 

What do these scams look like?
Often these criminals will masquerade as popular companies to make their ploy appear more authentic. Common scams used by these fraudsters may include:

  • Receiving an unsolicited phone call from a Tech Support Team (e.g. Microsoft Tech Support) claiming that they can fix an issue with your computer.
  • Being sent unexpected emails with supposed security updates attached.
  • Being contacted for your bank card information in order to ‘validate Windows.'
  • You may be contacted and told that there is a virus on your computer or an issue with your router.
  • Being informed you have won the ‘Microsoft Lottery’ or another type of prize.

It is important to note that, like in all areas or fraud and cyber crime, criminals are always changing their techniques and tactics. Therefore, it is vital to always be vigilant and alert when receiving unexpected communications and always think twice before giving out any sort of personal or sensitive information.

How to Protect Yourself
  • Remember that legitimate computer organisations do not send or make unsolicited emails or phone calls and request personal or financial information, or to ’fix’ your machine.
  • Companies do not tend to send out unexpected information regarding security updates. If in doubt, don’t open the email.
  • Financial information is NOT needed to validate copies of Windows. Microsoft does validate requests to download software from its website using its ‘Genuine Advantage Program’ but will NOT ask for any personal or financial information while doing so.
  • Be sceptical if you have been contacted by someone informing you that you have won money or a prize. The ‘Microsoft Lottery’ is not a real thing - remember if it seems too good to be true, then it probably is.
What to do if you are contacted by a Computer Software Service Fraudster?                                                                            
  • If you are contacted by a malicious individual, it is best practice to hang up the phone or delete the email.
  • If you are unsure whether a communication is legitimate do not click any links and/or end the phone call. You can contact the firm directly using a phone number or email from a verified source (for example the company’s official website).
  • Even if a caller can provide you with your information (e.g. your name and address) do not give out any further information if you believe you are being cold called.
  • Never grant a caller remote access to your computer or install software because of the instructions of an email or a call.
Purple Fox malware worms its way into exposed Windows systems

The ‘Purple Fox’ malware, previously spread via phishing emails and exploit kits, is now equipped with a worm module that allows it to scan and infect Windows systems accessible over the internet.

Purple Fox was first discovered in 2018 after it infected at least 30,000 machines, the malware comes with built in rootkit and backdoor capabilities and is utilised as a downloader to deploy other malware strains
Chinese Hackers Used Facebook To Target Uyghurs With Powerful iPhone And Android Spyware

Chinese hackers are allegedly using potent iPhone and Android malware to attack Uyghur activists on social media giant Facebook,  but Facebook is trying to fight back.
The threat group dubbed “Evil Eye” have been setting up fake accounts masquerading as pro-Uyghur journalists and activists.  After creating a rapport, they then send their targets malicious links to hacked websites containing iOS malware or to fraudulent websites that appear as though it is that of popular Uyghur and Turkish news sites. The Head of Security at Facebook, Nathaniel Gleicher, explained that these attacks were a form of ‘supertargeted espionage’ with the number of targets being below 500.

Acer Faced With Ransom Up To $100 Million After Hackers Breach Network

A ransomware group known as REvil has targeted giant Taiwanese computer manufacturer Acer and are demanding a sum of $50 million. This huge ransom price is reportedly a discounted rate that REvil will accept if the demand is paid quickly, conversations between the criminal group and Acer representatives have unveiled that the 20% reduction was offered as a way of convincing the company to pay by Wednesday the 24th March - if no payment or progress has been made after 8 days then REvil’s price will increase to $100 million.

Cybersecurity experts believe that the hacking group may have exploited Microsoft Exchange server flaws in their attack but Acer has not confirmed or denied this claim.
Microsoft Exchange servers are under attack once again

Security researchers have uncovered a new campaign targeting Microsoft Exchange servers known as “BlackKingdom” that utilises ProxyLogon vulnerabilities to deploy ransomware. When deployed, the ransomware will encrypt files and leave a ransom note under the name decrypt_file.TxT, other notes named ReadMe.txt have also been found which contain slightly different text but both notes request the victim pay $10,000 in bitcoin to unencrypt infected servers.

BlackKingdom has so far infected victims in the UK, the US, Canada, Russia, Croatia, Australia, Austria, Italy, France, Germany, Switzerland, Israel and Greece.
What can we offer you?
Get in Touch
Click here to subscribe to the Cyber Crime Sentinel Newsletter!

UK Education and Childcare Sector Alert and Resources

The National Cyber Security Centre has released the following guidance to schools - Cyber Security for Schools.  This page houses free resources for everyone working with schools. The education sector has recently been affected by a number of cyber incidents. 

Alert: Further targeted ransomware attacks on the UK education sector by cyber criminals

Support for UK education sector after growth in cyber attacks

New NCSC guidance aimed at the UK Early Years education and Childcare sector
The new guidance, produced in association with key stakeholders in the Early Years sector, will help organisations protect the growing amounts of sensitive information held on children and their families, from both accidental damage or from online criminals.

Get in touch with us if your school or organisation would like support with staff training. 

If you think you may have been the victim of fraud or cybercrime and incurred a financial loss or have been hacked as a result of responding to a phishing message, you should report this to Action Fraud 

Spotted a suspicious email? If you have received an email which you’re not quite sure about, forward it to the Suspicious Email Reporting Service (SERS):

Alternatively you can call 0300 123 2040
to report and obtain advice about fraud or cyber crime
Our lives are relying on technology more every day. Join us each week for your bitesize cybersecurity podcast. In this increasingly technical world we deliver non-technical cyber news, and identify the current threats we’re facing.

If a hacker gets into your email, they could reset the passwords for your other accounts. Have you secured your email account properly? 




The WMCRC work with local Universities and Police forces in Staffordshire, West Midlands, West Mercia and Warwickshire to provide you access to the latest information on emerging cyber threats, criminal trends and best practice to protect your business.
Apple Podcast
Copyright © 2021 West Midlands Regional Cyber Crime Unit, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp